Merge remote-tracking branch 'cd/master'
This commit is contained in:
commit
eb710a17e2
3
Makefile
3
Makefile
|
@ -13,6 +13,9 @@ system ?= $(HOSTNAME)
|
|||
$(if $(system),,$(error unbound variable: system))
|
||||
|
||||
nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix
|
||||
ifneq ($(words $(wildcard $(nixos-config))),1)
|
||||
$(error bad nixos-config: $(nixos-config))
|
||||
endif
|
||||
|
||||
# target = [target_user@]target_host[:target_port][/target_path]
|
||||
ifdef target
|
||||
|
|
|
@ -135,8 +135,7 @@ let
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
ExecStartPre = pkgs.writeScript "acng-init" ''
|
||||
#!/bin/sh
|
||||
ExecStartPre = pkgs.writeDash "acng-init" ''
|
||||
mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
|
||||
chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
|
||||
'';
|
||||
|
|
|
@ -121,8 +121,7 @@ let
|
|||
"mkdir -m 0700 -p ${shell.escape plan.dst.path}/current"
|
||||
"flock -n ${shell.escape plan.dst.path} rsync"
|
||||
];
|
||||
in pkgs.writeScript "backup.${plan.name}" ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
in pkgs.writeBash "backup.${plan.name}" ''
|
||||
set -efu
|
||||
start_date=$(date +%s)
|
||||
ssh_target=${shell.escape login-name}@$(${fastest-address remote.host})
|
||||
|
|
|
@ -109,8 +109,7 @@ let
|
|||
Type = "simple";
|
||||
PrivateTmp = true;
|
||||
|
||||
ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" ''
|
||||
#!/bin/sh
|
||||
ExecStartPre = assert server.secretKey != ""; pkgs.writeDash "bepasty-server.${name}-init" ''
|
||||
mkdir -p "${server.dataDir}" "${server.workDir}"
|
||||
chown bepasty:bepasty "${server.workDir}" "${server.dataDir}"
|
||||
cat > "${server.workDir}/bepasty-${name}.conf" <<EOF
|
||||
|
|
|
@ -345,8 +345,7 @@ let
|
|||
Type = "forking";
|
||||
PIDFile = "${workdir}/twistd.pid";
|
||||
# TODO: maybe also prepare buildbot.tac?
|
||||
ExecStartPre = pkgs.writeScript "buildbot-master-init" ''
|
||||
#!/bin/sh
|
||||
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
|
||||
set -efux
|
||||
if [ ! -e ${workdir} ];then
|
||||
mkdir -p ${workdir}
|
||||
|
|
|
@ -159,8 +159,7 @@ let
|
|||
Type = "forking";
|
||||
PIDFile = "${workdir}/twistd.pid";
|
||||
# TODO: maybe also prepare buildbot.tac?
|
||||
ExecStartPre = pkgs.writeScript "buildbot-master-init" ''
|
||||
#!/bin/sh
|
||||
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
|
||||
set -efux
|
||||
mkdir -p ${workdir}/info
|
||||
cp ${buildbot-slave-init} ${workdir}/buildbot.tac
|
||||
|
|
|
@ -462,7 +462,7 @@ let
|
|||
|
||||
reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules));
|
||||
|
||||
# TODO makeGitHooks that uses runCommand instead of scriptFarm?
|
||||
# TODO use `writeOut`
|
||||
scriptFarm =
|
||||
farm-name: scripts:
|
||||
let
|
||||
|
|
|
@ -37,8 +37,7 @@ let
|
|||
SyslogIdentifier = "github-hosts-sync";
|
||||
User = user.name;
|
||||
Restart = "always";
|
||||
ExecStartPre = pkgs.writeScript "github-hosts-sync-init" ''
|
||||
#! /bin/sh
|
||||
ExecStartPre = pkgs.writeDash "github-hosts-sync-init" ''
|
||||
set -euf
|
||||
install -m 0711 -o ${user.name} -d ${cfg.dataDir}
|
||||
install -m 0700 -o ${user.name} -d ${cfg.dataDir}/.ssh
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
arg@{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (pkgs) writeScript writeText;
|
||||
inherit (pkgs) writeText;
|
||||
|
||||
inherit (builtins)
|
||||
elem
|
||||
|
@ -175,8 +175,7 @@ let
|
|||
${buildTables iptables-version tables}
|
||||
'';
|
||||
|
||||
startScript = writeScript "krebs-iptables_start" ''
|
||||
#! /bin/sh
|
||||
startScript = pkgs.writeDash "krebs-iptables_start" ''
|
||||
set -euf
|
||||
iptables-restore < ${rules4 4}
|
||||
ip6tables-restore < ${rules4 6}
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
with config.krebs.lib;
|
||||
let
|
||||
cfg = config.krebs.repo-sync;
|
||||
|
||||
out = {
|
||||
options.krebs.repo-sync = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
config = lib.mkIf cfg.enable imp;
|
||||
};
|
||||
|
||||
api = {
|
||||
|
@ -70,7 +70,7 @@ let
|
|||
imp = {
|
||||
users.users.repo-sync = {
|
||||
name = "repo-sync";
|
||||
uid = config.krebs.lib.genid "repo-sync";
|
||||
uid = genid "repo-sync";
|
||||
description = "repo-sync user";
|
||||
home = cfg.stateDir;
|
||||
createHome = true;
|
||||
|
@ -95,9 +95,8 @@ let
|
|||
serviceConfig = {
|
||||
Type = "simple";
|
||||
PermissionsStartOnly = true;
|
||||
ExecStartPre = pkgs.writeScript "prepare-repo-sync-user" ''
|
||||
#! /bin/sh
|
||||
cp -v ${config.krebs.lib.shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
|
||||
ExecStartPre = pkgs.writeDash "prepare-repo-sync-user" ''
|
||||
cp -v ${shell.escape cfg.privateKeyFile} ${cfg.stateDir}/ssh.priv
|
||||
chown repo-sync ${cfg.stateDir}/ssh.priv
|
||||
'';
|
||||
ExecStart = "${pkgs.repo-sync}/bin/repo-sync ${repo-sync-config}";
|
||||
|
|
|
@ -159,13 +159,13 @@ let
|
|||
PrivateKeyFile = ${cfg.privkey.path}
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
"tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" ''
|
||||
"tinc-up" = pkgs.writeDash "${cfg.netname}-tinc-up" ''
|
||||
${iproute}/sbin/ip link set ${cfg.netname} up
|
||||
${optionalString (net.ip4 != null) ''
|
||||
${optionalString (net.ip4 != null) /* sh */ ''
|
||||
${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname}
|
||||
${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname}
|
||||
''}
|
||||
${optionalString (net.ip6 != null) ''
|
||||
${optionalString (net.ip6 != null) /* sh */ ''
|
||||
${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname}
|
||||
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname}
|
||||
''}
|
||||
|
|
|
@ -94,8 +94,7 @@ let
|
|||
TimeoutSec = 300; # we will wait 5 minutes, kill otherwise
|
||||
restart = "always";
|
||||
|
||||
ExecStartPre = pkgs.writeScript "tinc_graphs-init" ''
|
||||
#!/bin/sh
|
||||
ExecStartPre = pkgs.writeDash "tinc_graphs-init" ''
|
||||
mkdir -p "${internal_dir}" "${external_dir}"
|
||||
if ! test -e "${cfg.workingDir}/internal/index.html"; then
|
||||
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}"
|
||||
|
@ -106,8 +105,7 @@ let
|
|||
'';
|
||||
ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs";
|
||||
|
||||
ExecStartPost = pkgs.writeScript "tinc_graphs-post" ''
|
||||
#!/bin/sh
|
||||
ExecStartPost = pkgs.writeDash "tinc_graphs-post" ''
|
||||
# TODO: this may break if workingDir is set to something stupid
|
||||
# this is needed because homedir is created with 700
|
||||
chmod 755 "${cfg.workingDir}"
|
||||
|
|
|
@ -15,6 +15,16 @@ let out = rec {
|
|||
|
||||
addNames = mapAttrs addName;
|
||||
|
||||
guard = spec@{ type, value, ... }:
|
||||
assert isOptionType type;
|
||||
if type.check value
|
||||
then value
|
||||
else throw (toString (filter isString [
|
||||
"argument"
|
||||
(if spec ? name then "‘${spec.name}’" else null)
|
||||
"is not a ${type.name}"
|
||||
]));
|
||||
|
||||
types = import ./types.nix {
|
||||
inherit config;
|
||||
lib = lib // { inherit genid optionalTrace; };
|
||||
|
@ -27,6 +37,11 @@ let out = rec {
|
|||
shell = import ./shell.nix { inherit lib; };
|
||||
tree = import ./tree.nix { inherit lib; };
|
||||
|
||||
lpad = n: c: s:
|
||||
if stringLength s < n
|
||||
then lpad n c (c + s)
|
||||
else s;
|
||||
|
||||
toC = x: let
|
||||
type = typeOf x;
|
||||
reject = throw "cannot convert ${type}";
|
||||
|
@ -41,6 +56,8 @@ let out = rec {
|
|||
mapAttrs (name: _: path + "/${name}")
|
||||
(filterAttrs (_: eq "directory") (readDir path));
|
||||
|
||||
genAttrs' = names: f: listToAttrs (map f names);
|
||||
|
||||
setAttr = name: value: set: set // { ${name} = value; };
|
||||
|
||||
optionalTrace = c: msg: x: if c then trace msg x else x;
|
||||
|
|
|
@ -163,7 +163,7 @@ types // rec {
|
|||
secret-file = submodule ({ config, ... }: {
|
||||
options = {
|
||||
path = mkOption { type = str; };
|
||||
mode = mkOption { type = str; default = "0400"; };
|
||||
mode = mkOption { type = file-mode; default = "0400"; };
|
||||
owner = mkOption {
|
||||
type = user;
|
||||
default = config.krebs.users.root;
|
||||
|
@ -239,7 +239,7 @@ types // rec {
|
|||
check = let
|
||||
IPv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
|
||||
concatMapStringsSep "." (const d) (range 1 4);
|
||||
in x: match IPv4address x != null;
|
||||
in x: isString x && match IPv4address x != null;
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
addr6 = mkOptionType {
|
||||
|
@ -247,7 +247,7 @@ types // rec {
|
|||
check = let
|
||||
# TODO check IPv6 address harder
|
||||
IPv6address = "[0-9a-f.:]+";
|
||||
in x: match IPv6address x != null;
|
||||
in x: isString x && match IPv6address x != null;
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
|
@ -293,6 +293,12 @@ types // rec {
|
|||
};
|
||||
};
|
||||
|
||||
file-mode = mkOptionType {
|
||||
name = "file mode";
|
||||
check = x: isString x && match "[0-7]{4}" x != null;
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
haskell.conid = mkOptionType {
|
||||
name = "Haskell constructor identifier";
|
||||
check = x:
|
||||
|
@ -309,7 +315,7 @@ types // rec {
|
|||
# RFC952, B. Lexical grammar, <hname>
|
||||
hostname = mkOptionType {
|
||||
name = "hostname";
|
||||
check = x: all label.check (splitString "." x);
|
||||
check = x: isString x && all label.check (splitString "." x);
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
|
@ -318,14 +324,15 @@ types // rec {
|
|||
label = mkOptionType {
|
||||
name = "label";
|
||||
# TODO case-insensitive labels
|
||||
check = x: match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null;
|
||||
check = x: isString x
|
||||
&& match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null;
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
# POSIX.1‐2013, 3.278 Portable Filename Character Set
|
||||
filename = mkOptionType {
|
||||
name = "POSIX filename";
|
||||
check = x: match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null;
|
||||
check = x: isString x && match "([0-9A-Za-z._])[0-9A-Za-z._-]*" x != null;
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
|
@ -335,7 +342,7 @@ types // rec {
|
|||
absolute-pathname = mkOptionType {
|
||||
name = "POSIX absolute pathname";
|
||||
check = x: let xs = splitString "/" x; xa = head xs; in
|
||||
xa == "/" || (xa == "" && all filename.check (tail xs));
|
||||
isString x && (xa == "/" || (xa == "" && all filename.check (tail xs)));
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
|
@ -344,7 +351,7 @@ types // rec {
|
|||
pathname = mkOptionType {
|
||||
name = "POSIX pathname";
|
||||
check = x: let xs = splitString "/" x; in
|
||||
all filename.check (if head xs == "" then tail xs else xs);
|
||||
isString x && all filename.check (if head xs == "" then tail xs else xs);
|
||||
merge = mergeOneOption;
|
||||
};
|
||||
|
||||
|
|
|
@ -74,8 +74,7 @@ rec {
|
|||
};
|
||||
|
||||
nixos-version = buildSimpleReaktorPlugin "nixos-version" {
|
||||
script = pkgs.writeScript "nixos-version" ''
|
||||
#! /bin/sh
|
||||
script = pkgs.writeDash "nixos-version" ''
|
||||
. /etc/os-release
|
||||
echo "$PRETTY_NAME"
|
||||
'';
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
with config.krebs.lib;
|
||||
rec {
|
||||
execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let
|
||||
in writeC name { inherit destination; } ''
|
||||
in writeC name { inherit destination; } /* c */ ''
|
||||
#include <unistd.h>
|
||||
|
||||
static char *const filename = ${toC filename};
|
||||
|
||||
${if argv == null
|
||||
then /* Propagate arguments */ ''
|
||||
then /* Propagate arguments */ /* c */ ''
|
||||
#define MAIN_ARGS int argc, char **argv
|
||||
''
|
||||
else /* Provide fixed arguments */ ''
|
||||
else /* Provide fixed arguments */ /* c */ ''
|
||||
#define MAIN_ARGS void
|
||||
static char *const argv[] = ${toC (argv ++ [null])};
|
||||
''}
|
||||
|
@ -28,22 +28,22 @@ rec {
|
|||
|
||||
execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; });
|
||||
|
||||
writeBash = name: text: pkgs.writeScript name ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
${text}
|
||||
'';
|
||||
makeScriptWriter = interpreter: name: text:
|
||||
assert (with types; either absolute-pathname filename).check name;
|
||||
pkgs.writeOut (baseNameOf name) {
|
||||
${optionalString (types.absolute-pathname.check name) name} = {
|
||||
executable = true;
|
||||
text = "#! ${interpreter}\n${text}";
|
||||
};
|
||||
};
|
||||
|
||||
writeBashBin = name: text: pkgs.writeTextFile {
|
||||
executable = true;
|
||||
destination = "/bin/${name}";
|
||||
name = name;
|
||||
text = ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
${text}
|
||||
'';
|
||||
};
|
||||
writeBash = makeScriptWriter "${pkgs.bash}/bin/bash";
|
||||
|
||||
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} ''
|
||||
writeBashBin = name:
|
||||
assert types.filename.check name;
|
||||
pkgs.writeBash "/bin/${name}";
|
||||
|
||||
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} /* sh */ ''
|
||||
PATH=${makeBinPath (with pkgs; [
|
||||
binutils
|
||||
coreutils
|
||||
|
@ -56,37 +56,39 @@ rec {
|
|||
strip --strip-unneeded "$exe"
|
||||
'';
|
||||
|
||||
writeDash = name: text: pkgs.writeScript name ''
|
||||
#! ${pkgs.dash}/bin/dash
|
||||
${text}
|
||||
'';
|
||||
writeDash = makeScriptWriter "${pkgs.dash}/bin/dash";
|
||||
|
||||
writeDashBin = name: text: pkgs.writeTextFile {
|
||||
executable = true;
|
||||
destination = "/bin/${name}";
|
||||
name = name;
|
||||
text = ''
|
||||
#! ${pkgs.dash}/bin/dash
|
||||
${text}
|
||||
'';
|
||||
};
|
||||
writeDashBin = name:
|
||||
assert types.filename.check name;
|
||||
pkgs.writeDash "/bin/${name}";
|
||||
|
||||
writeEximConfig = name: text: pkgs.runCommand name {
|
||||
inherit text;
|
||||
passAsFile = [ "text" ];
|
||||
} ''
|
||||
} /* sh */ ''
|
||||
# TODO validate exim config even with config.nix.useChroot == true
|
||||
# currently doing so will fail because "user exim was not found"
|
||||
#${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null
|
||||
mv "$textPath" $out
|
||||
'';
|
||||
|
||||
writeFiles = name: specs0:
|
||||
writeOut = name: specs0:
|
||||
let
|
||||
specs = mapAttrsToList (path: spec0: {
|
||||
path = assert types.pathname.check path; path;
|
||||
specs = mapAttrsToList (path0: spec0: rec {
|
||||
path = guard {
|
||||
type = types.pathname;
|
||||
value = path0;
|
||||
};
|
||||
var = "file_${hashString "sha1" path}";
|
||||
text = spec0.text;
|
||||
executable = guard {
|
||||
type = types.bool;
|
||||
value = spec0.executable or false;
|
||||
};
|
||||
mode = guard {
|
||||
type = types.file-mode;
|
||||
value = spec0.mode or (if executable then "0755" else "0644");
|
||||
};
|
||||
}) specs0;
|
||||
|
||||
filevars = genAttrs' specs (spec: nameValuePair spec.var spec.text);
|
||||
|
@ -97,7 +99,7 @@ rec {
|
|||
set -efu
|
||||
PATH=${makeBinPath [pkgs.coreutils]}
|
||||
${concatMapStrings (spec: /* sh */ ''
|
||||
install -D ''$${spec.var}Path $out${spec.path}
|
||||
install -m ${spec.mode} -D ''$${spec.var}Path $out${spec.path}
|
||||
'') specs}
|
||||
'';
|
||||
|
||||
|
@ -119,7 +121,7 @@ rec {
|
|||
isExecutable = executables != {};
|
||||
isLibrary = library != null;
|
||||
|
||||
cabal-file = pkgs.writeText "${name}-${version}.cabal" ''
|
||||
cabal-file = pkgs.writeText "${name}-${version}.cabal" /* cabal */ ''
|
||||
build-type: Simple
|
||||
cabal-version: >= 1.2
|
||||
name: ${name}
|
||||
|
@ -135,7 +137,7 @@ rec {
|
|||
, text
|
||||
, ... }:
|
||||
if types.filename.check exe-name
|
||||
then "install -D ${file} $out/${relpath}"
|
||||
then /* sh */ "install -D ${file} $out/${relpath}"
|
||||
else throw "argument ‘exe-name’ is not a ${types.filename.name}";
|
||||
|
||||
exe-section =
|
||||
|
@ -145,7 +147,7 @@ rec {
|
|||
, file ? pkgs.writeText "${name}-${exe-name}.hs" text
|
||||
, relpath ? "${exe-name}.hs"
|
||||
, text
|
||||
, ... }: ''
|
||||
, ... }: /* cabal */ ''
|
||||
executable ${exe-name}
|
||||
build-depends: ${concatStringsSep "," build-depends}
|
||||
ghc-options: ${toString ghc-options}
|
||||
|
@ -168,7 +170,7 @@ rec {
|
|||
{ build-depends ? base-depends ++ extra-depends
|
||||
, extra-depends ? []
|
||||
, exposed-modules
|
||||
, ... }: ''
|
||||
, ... }: /* cabal */ ''
|
||||
library
|
||||
build-depends: ${concatStringsSep "," build-depends}
|
||||
ghc-options: ${toString ghc-options}
|
||||
|
@ -182,7 +184,7 @@ rec {
|
|||
, text
|
||||
, ... }:
|
||||
if types.haskell.modid.check mod-name
|
||||
then "install -D ${file} $out/${relpath}"
|
||||
then /* sh */ "install -D ${file} $out/${relpath}"
|
||||
else throw "argument ‘mod-name’ is not a ${types.haskell.modid.name}";
|
||||
in
|
||||
haskellPackages.mkDerivation {
|
||||
|
@ -196,7 +198,7 @@ rec {
|
|||
(optionals isLibrary (get-depends library))
|
||||
haskellPackages;
|
||||
pname = name;
|
||||
src = pkgs.runCommand "${name}-${version}-src" {} ''
|
||||
src = pkgs.runCommand "${name}-${version}-src" {} /* sh */ ''
|
||||
install -D ${cabal-file} $out/${cabal-file.name}
|
||||
${optionalString isLibrary (lib-install library)}
|
||||
${concatStringsSep "\n" (mapAttrsToList exe-install executables)}
|
||||
|
@ -208,7 +210,7 @@ rec {
|
|||
"The function `writeNixFromCabal` has been deprecated in favour of"
|
||||
"`writeHaskell`."
|
||||
])
|
||||
(name: path: pkgs.runCommand name {} ''
|
||||
(name: path: pkgs.runCommand name {} /* sh */ ''
|
||||
${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
|
||||
'');
|
||||
}
|
||||
|
|
|
@ -101,8 +101,7 @@ let
|
|||
fi
|
||||
'';
|
||||
|
||||
irc-announce-script = pkgs.writeScript "irc-announce-script" ''
|
||||
#! /bin/sh
|
||||
irc-announce-script = pkgs.writeDash "irc-announce-script" ''
|
||||
set -euf
|
||||
|
||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ lib, pkgs, ... }:
|
||||
|
||||
pkgs.writeScriptBin "hashPassword" ''
|
||||
#! /bin/sh
|
||||
pkgs.writeDashBin "hashPassword" ''
|
||||
# usage: hashPassword
|
||||
set -euf
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ writeScriptBin, pkgs }:
|
||||
{ writeDashBin, bepasty-client-cli }:
|
||||
|
||||
# TODO: use `wrapProgram --add-flags` instead?
|
||||
writeScriptBin "krebspaste" ''
|
||||
#! /bin/sh
|
||||
exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
|
||||
# TODO use `execve` instead?
|
||||
writeDashBin "krebspaste" ''
|
||||
exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
|
||||
''
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ writeScriptBin }:
|
||||
{ writeDashBin }:
|
||||
|
||||
writeScriptBin "pssh" ''
|
||||
#! /bin/sh
|
||||
writeDashBin "pssh" ''
|
||||
set -efu
|
||||
case ''${1-} in
|
||||
|
||||
|
|
|
@ -47,8 +47,7 @@ with config.krebs.lib;
|
|||
boot.tmpOnTmpfs = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
(writeScriptBin "play" ''
|
||||
#! /bin/sh
|
||||
(writeDashBin "play" ''
|
||||
set -euf
|
||||
mpv() { exec ${mpv}/bin/mpv "$@"; }
|
||||
case $1 in
|
||||
|
|
|
@ -26,8 +26,7 @@ with config.krebs.lib;
|
|||
hashPassword
|
||||
haskellPackages.lentil
|
||||
parallel
|
||||
(pkgs.writeScriptBin "im" ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
(pkgs.writeBashBin "im" ''
|
||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
||||
tmux
|
||||
gnugrep
|
||||
|
|
|
@ -67,8 +67,7 @@ in
|
|||
};
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkg}/bin/pulseaudio";
|
||||
ExecStartPre = pkgs.writeScript "pulse-start" ''
|
||||
#! /bin/sh
|
||||
ExecStartPre = pkgs.writeDash "pulse-start" ''
|
||||
install -o pulse -g pulse -m 0750 -d ${runDir}
|
||||
install -o pulse -g pulse -m 0700 -d ${runDir}/home
|
||||
'';
|
||||
|
|
|
@ -211,9 +211,8 @@ let
|
|||
nix.vim = pkgs.writeText "nix.vim" ''
|
||||
setf nix
|
||||
|
||||
syn match NixCode /./
|
||||
|
||||
" Ref <nix/src/libexpr/lexer.l>
|
||||
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
|
||||
syn match NixINT /\<[0-9]\+\>/
|
||||
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
||||
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
||||
|
@ -230,7 +229,7 @@ let
|
|||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
||||
\ end="'''"
|
||||
|
||||
syn cluster NixStrings contains=NixSTRING,NixIND_STRING
|
||||
syn match NixOther /[():/;=.,?\[\]]/
|
||||
|
||||
syn match NixCommentMatch /\(^\|\s\)#.*/
|
||||
syn region NixCommentRegion start="/\*" end="\*/"
|
||||
|
@ -241,6 +240,7 @@ let
|
|||
|
||||
hi link NixCommentMatch NixComment
|
||||
hi link NixCommentRegion NixComment
|
||||
hi link NixID NixCode
|
||||
hi link NixINT NixData
|
||||
hi link NixPATH NixData
|
||||
hi link NixHPATH NixData
|
||||
|
@ -250,12 +250,12 @@ let
|
|||
hi link NixIND_STRING NixData
|
||||
|
||||
hi link NixEnter NixCode
|
||||
hi link NixExit NixData
|
||||
hi link NixOther NixCode
|
||||
hi link NixQuote NixData
|
||||
hi link NixQuote2 NixQuote
|
||||
hi link NixQuote3 NixQuote
|
||||
|
||||
syn cluster NixSubLangs contains=NONE
|
||||
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
|
||||
syn cluster nix_ind_strings contains=NixIND_STRING
|
||||
syn cluster nix_strings contains=NixSTRING
|
||||
|
||||
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
|
||||
startAlts = filter isString [
|
||||
|
@ -269,27 +269,35 @@ let
|
|||
|
||||
syn match nix_${lang}_sigil
|
||||
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
|
||||
\ nextgroup=nix_${lang}_region
|
||||
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
|
||||
\ transparent
|
||||
|
||||
syn region nix_${lang}_region
|
||||
syn region nix_${lang}_region_STRING
|
||||
\ matchgroup=NixSTRING
|
||||
\ start='"'
|
||||
\ skip='\\"'
|
||||
\ end='"'
|
||||
\ contained
|
||||
\ contains=@nix_${lang}_syntax
|
||||
\ transparent
|
||||
|
||||
syn region nix_${lang}_region
|
||||
syn region nix_${lang}_region_IND_STRING
|
||||
\ matchgroup=NixIND_STRING
|
||||
\ start="'''"
|
||||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
||||
\ end="'''"
|
||||
\ contained
|
||||
\ contains=@nix_${lang}_syntax
|
||||
\ transparent
|
||||
|
||||
syn cluster NixSubLangs
|
||||
\ add=nix_${lang}_region,@nix_${lang}_syntax
|
||||
syn cluster nix_ind_strings
|
||||
\ add=nix_${lang}_region_IND_STRING
|
||||
|
||||
syn cluster nix_strings
|
||||
\ add=nix_${lang}_region_STRING
|
||||
|
||||
syn cluster nix_has_dollar_curly
|
||||
\ add=@nix_${lang}_syntax
|
||||
'') {
|
||||
c = {};
|
||||
cabal = {};
|
||||
|
@ -299,26 +307,32 @@ let
|
|||
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
|
||||
})}
|
||||
|
||||
" Clear syntax that interferes with NixBlock.
|
||||
" TODO redefine NixBlock so syntax don't have to be cleared
|
||||
syn clear shOperator shSetList shVarAssign
|
||||
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
|
||||
syn clear shVarAssign
|
||||
|
||||
syn region NixBlock
|
||||
syn region nixINSIDE_DOLLAR_CURLY
|
||||
\ matchgroup=NixEnter
|
||||
\ start="[$]{"
|
||||
\ end="}"
|
||||
\ contains=TOP
|
||||
\ containedin=@NixSubLangs,@NixStrings
|
||||
\ containedin=@nix_has_dollar_curly
|
||||
\ transparent
|
||||
|
||||
syn region NixBlockHack
|
||||
syn region nix_inside_curly
|
||||
\ matchgroup=NixEnter
|
||||
\ start="{"
|
||||
\ end="}"
|
||||
\ contains=TOP
|
||||
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
|
||||
\ transparent
|
||||
|
||||
syn match NixQuote "'''[$]"he=e-1 contained containedin=@NixSubLangs
|
||||
syn match NixQuote2 "''''"he=s+1 contained containedin=@NixSubLangs
|
||||
syn match NixQuote3 "'''\\[nrt]" contained containedin=@NixSubLangs
|
||||
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
|
||||
\ containedin=@nix_ind_strings
|
||||
\ contained
|
||||
|
||||
syn match NixQuote /\\./he=s+1
|
||||
\ containedin=@nix_strings
|
||||
\ contained
|
||||
|
||||
syn sync fromstart
|
||||
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
{
|
||||
nixpkgs.config.packageOverrides = {
|
||||
# TODO use XDG_RUNTIME_DIR?
|
||||
cr = pkgs.writeScriptBin "cr" ''
|
||||
#! /bin/sh
|
||||
cr = pkgs.writeDashBin "cr" ''
|
||||
set -efu
|
||||
export LC_TIME=de_DE.utf8
|
||||
exec ${pkgs.chromium}/bin/chromium \
|
||||
|
|
Loading…
Reference in a new issue